Low-level flaw gets Microsoft fired up

A French security research group has released exploit code for a
low-level vulnerability in Windows, prompting Microsoft to issue
the first of what it calls "pre-patch advisories".

Earlier this month, Microsoft said it would start the pre-patch
service on May 10 to inform users about how they could minimise the
chances of an attack made possible by exploits released by
third parties.

The French Security Incident Response Team, formerly known as
k-otik, said the vulnerability could be exploited remotely to cause
a denial of service and crash a machine that was attacked.

Customers who had installed Windows XP Service Pack 2, Windows
Server 2003 Service Pack 1, or the MS05-019 security update, were
not affected, Microsoft said.

The security update was released last month to patch a
vulnerability in Microsoft's implementation of TCP/IP, a protocol
that allows computers to communicate.

However, the FrSIRT researchers said they were unaware of any
patch that could fix the flaw they had uncovered.

They said the MS05-019 security update could only fix another
variant of the same flaw.

They said the flaw could be exploited on systems running any of
XP, XP SP1, XP SP2, Server 2003 and Server 2003 SP1.

Microsoft said it was unaware of any attacks attempting to use
this vulnerability, and so far had no reports of customer
impact.

Despite reacting to a flaw which was rated low-level by the
discoverers themselves, the company is yet to do anything about
highly critical vulnerabilities in various versions of Windows - two
reported in March and another on May 5 by eEye Digital Security.